<div id="fb-root"></div>
<script src="http://connect.facebook.net/en_US/all.js"></script>
<script>
  FB.init({appId: '$app_id$', status: true, cookie: true, xfbml: true});
  FB.Event.subscribe('auth.login', function(response) {
    window.location.reload();
  });
</script>

<p>
Click on the button below to authenticate with Facebook:
</p>

<fb:login-button perms="user_photos"></fb:login-button>

<p>
No Facebook-related information is stored on the server, thus this is completely safe.
</p>
